Hal Finney <hal(_at_)finney(_dot_)org>:
Adam Back writes:
What we proposed is related. Rather
than the normal encrypted signed message:
Encrypt_Bob(K), Encrypt(K, Sign_Alice(Hash(msg)), msg)
Encrypt_Bob(K), Encrypt(K, Sign_Alice(Hash(K||Bob_PK)), msg)
with the additional restriction that the encryption mode
should be one
of the MDC modes (ie appended MAC with K outside encryption, or
appended hash of msg inside encryption).
What a wonderful solution. Hello everybody, we go ahead and change
the next version of the protocol to this. Ok?